Phishing (pronounced like "fishing") is an attempt to contact a person, usually through e-mail, by misrepresenting themselves as a legitimate company or corporation in an attempt to gain private information about that user so it can be used for identity theft.
First some Don'ts:
Now some Do's:
Generally speaking, a legitimate request by a legitimate company to have you verify personal information, especially Social Security Numbers, will NOT come through email. They may send you an email and ask you to call them., but again, go to there web site MANUALLY, or use some other source such as a previous paper bill, and verify the telephone number before calling.